From 418f3d6298beb27e050618e2f59e01d6d3b2f45b Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 9 Aug 2017 09:24:16 -0400 Subject: Make sure we always wind up checking i2d_*'s output. The biggest offender here was sometimes not checking the output of crypto_pk_get_digest. Fixes bug 19418. Reported by Guido Vranken. --- src/or/connection_or.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/or/connection_or.c') diff --git a/src/or/connection_or.c b/src/or/connection_or.c index dadfdc4380..49d48d72e0 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -1552,7 +1552,9 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn, } if (identity_rcvd) { - crypto_pk_get_digest(identity_rcvd, digest_rcvd_out); + if (crypto_pk_get_digest(identity_rcvd, digest_rcvd_out) < 0) { + return -1; + } } else { memset(digest_rcvd_out, 0, DIGEST_LEN); } -- cgit v1.2.3-54-g00ecf